Re: disabled SSL log_like tests

Tom Lane <tgl@sss.pgh.pa.us>

From: Tom Lane <tgl@sss.pgh.pa.us>
To: Thomas Munro <thomas.munro@gmail.com>
Cc: Andrew Dunstan <andrew@dunslane.net>, PostgreSQL-development <pgsql-hackers@postgresql.org>, Jacob Champion <jacob.champion@enterprisedb.com>
Date: 2025-05-07T01:18:11Z
Lists: pgsql-hackers
I wrote:
> Yeah, I see that too.  But I also see three failures in 002_scram.pl,
> which presumably were there before e0f373ee.  (Tested on OpenBSD 7.6
> and 7.7.)  The buildfarm's OpenBSD animals haven't caught this
> because they don't run this test suite :-(.

I dug into this with gdb, and it seems like it's an omission in
LibreSSL's RSA-PSS support.  We're requesting a signature algorithm
with code 2054, which in their source is SIGALG_RSA_PSS_RSAE_SHA512,
and that leads them to this sigalgs[] table entry in
lib/libssl/ssl_sigalgs.c:

	{
		.value = SIGALG_RSA_PSS_RSAE_SHA512,
		.key_type = EVP_PKEY_RSA,
		.md = EVP_sha512,
		.security_level = 5,
		.flags = SIGALG_FLAG_RSA_PSS,
	},

The problem is that the private key has key_type EVP_PKEY_RSA_PSS
which is not equal to EVP_PKEY_RSA, so ssl_sigalg_pkey_ok() in the
same file rejects this entry as not compatible.  In fact, there
are *no* entries in sigalgs[] that can match a PSS private key
according to ssl_sigalg_pkey_ok().  So while perhaps
SIGALG_RSA_PSS_RSAE_SHA512 is the wrong thing for us to request,
I do not see a right thing.

Looking around a little more, there are places like
SSL_get_signature_type_nid() that do things like this:

	*nid = sigalg->key_type;
	if (sigalg->key_type == EVP_PKEY_RSA &&
	    (sigalg->flags & SIGALG_FLAG_RSA_PSS))
		*nid = EVP_PKEY_RSA_PSS;

So it seems like this might be a simple oversight in
ssl_sigalg_pkey_ok(), which doesn't make any such correction:

	if (sigalg->key_type != EVP_PKEY_id(pkey))
		return 0;

Anyone know anything about where to submit LibreSSL bugs?

			regards, tom lane



Commits

  1. Skip RSA-PSS ssl test when using LibreSSL.

  2. Ooops ... add required configure support.

  3. Hack one ssl test case to pass with current LibreSSL.

  4. Centralize ssl tests' check for whether we're using LibreSSL.

  5. Re-enable SSL connect_fails tests, and fix related race conditions.

  6. Disable unstable test cases in src/test/ssl/t/001_ssltests.pl.